/**
 * Copyright (C), 2015-2020, XXX有限公司
 * FileName: MySecurityConfig
 * Author:   吴建森
 * Date:     2020/12/2 11:38
 * Description:
 * History:
 * <author>吴建森      <time>          <version>          <desc>
 * 作者姓名           修改时间           版本号              描述
 */
package com.sen.config;

import com.sen.service.MyUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.web.cors.CorsUtils;

/**
 * 〈一句话功能简述〉<br>
 * 〈〉
 *
 * @author 吴建森
 * @create 2020/12/2
 * @since 1.0.0
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class MySecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    MyUserService myUserService;
    @Autowired
    MyAuthenticationSuccessHandler myAuthenticationSuccessHandler;
    @Autowired
    MyAuthenticationFailureHandler myAuthenticationFailureHandler;
    @Autowired
    MyAccessDeniedHandler myAccessDeniedHandler;
    @Autowired
    JwtAuthorizationTokenFilter jwtAuthorizationTokenFilter;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(myUserService).passwordEncoder(new BCryptPasswordEncoder());
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                .and()
                .addFilterBefore(jwtAuthorizationTokenFilter, UsernamePasswordAuthenticationFilter.class);
        //跨域请求会先进行一次options请求
        http.authorizeRequests().antMatchers(HttpMethod.OPTIONS)
                .permitAll();
        //配置认证请求
        http.authorizeRequests()
                //处理跨域请求中的Preflight请求
                .requestMatchers(CorsUtils::isPreFlightRequest)
                .permitAll()
                //是否启用适配器处理url
//                .anyRequest().access("@authConfig.hasPermission(request,authentication)")
                .anyRequest()
                .permitAll()
//                .authenticated()
                .and()
                .formLogin()
//                .loginPage("/tologin")
                .loginProcessingUrl("/login")
                .usernameParameter("username")
                .passwordParameter("password")
                .permitAll()
                //登录成功
                .successHandler(myAuthenticationSuccessHandler)
                //登录失败
                .failureHandler(myAuthenticationFailureHandler)
                .and()
                //无权限访问处理器
                .exceptionHandling().accessDeniedHandler(myAccessDeniedHandler);
        http.cors()
                .and().csrf().disable();
//                .defaultSuccessUrl("/toindex")
//                .failureUrl("/toerror")
//                .permitAll();
    }
}
